12.6. Securing Files on Disk

Problem

You want to make sure that the files that you are working with on disk are locked and encrypted when the iOS device is locked, and not accessible by an attacker.

Solution

Create your file using the createFileAtPath:contents:attributes: instance method or your folders using the createDirectoryAtPath:withIntermediateDirectories:attributes:error: instance method of the NSFileManager and use the NSFileProtectionKey key in the attributes dictionary with one of the following values:

NSFileProtectionCompleteUnlessOpen

The file will be encrypted on disk and will be accessible by your app only after the user has unlocked the device. The user can then lock the device back, but while you have the handle to the file, you can continue to read from and write to the file.

NSFileProtectionComplete

The file is encrypted on disk and is not accessible by your app unless the user unlocks the device. If you have a handle to the file when the device is unlocked, you will not be able to read from or write to the file if the user decides to lock the device again.

NSFileProtectionCompleteUntilFirstUserAuthentication

The file is encrypted on disk and you can read from it or write to it only after the user has at least unlocked the device once. After that one-time unlocking, you can read from and write to the file. The user can lock the device, but that won’t affect you and your file handle.

iOS uses the passcode that the user sets for her device as a seed to the encryption applied ...

Get iOS 6 Programming Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial